Closing Critical Gaps in Endpoint Security
In spite of numerous protections, endpoint computers are still successfully attacked at rates that are both alarming and unacceptable. These attacks create real risk to businesses and government agencies, which in turn must expend significant effort and money to address the results. Triumfant applies our one-of-a-kind technology to fill the three basic, but profound gaps that explain why attacks that make it through the perimeter defenses (firewalls, IDS, IPS) to endpoint machines:
- Machines are not properly configured to defend themselves from attack or the defensive software deployed to those machines is either improperly configured or not operational.
- Traditional endpoint security tools miss known (a signature exists) attacks at rates exceeding ten percent and unknown attacks at fifty percent. The sheer volume of attacks in today’s environment makes these failure rates significant.
- There are sophisticated, targeted attacks that are engineered specifically to evade existing endpoint protections such as rootkits, zero days and multi-stage attacks.
Triumfant applies one-of-a-kind technology to directly address the gaps in endpoint security by performing two highly critical functions:
Continuous Enforcement of Security Configurations. Triumfant continuously enforces security configurations and ensures that the other endpoint protection software is in place, properly configured, and fully operational. Triumfant continually scans endpoint machines to detect when a machine is non-compliant to configuration settings and policies and automatically remediates the problem. Every machine starts every day properly configured and at the highest possible state of security readiness which directly lowers risk. Because of the automated nature of Triumfant, organizations receive the benefit of this every machine, every day compliance with minimal labor costs. Triumfant also removes unauthorized applications to remove any risk associated with such programs.
Real-time Malware Detection and Remediation. The ability to identify changes at the most granular level allows Triumfant to detect, analyze and remediate malicious attacks in real-time without the need for signatures or any prior knowledge of the attack. Triumfant can see the attacks that other defenses either miss or the attacks designed specifically to evade those attacks such as zero days, targeted attacks, and rootkits. The story does not end at detection as Triumfant synthesizes a remediation to remove the malicious code and all of the artifacts associated with the attack, restoring configuration settings and registry attributes to return the machine its secure condition before the attack. Triumfant's sophisticated remediation capability means that a machine goes from infection to remediation in five minutes: no gaps in detection, no time lost analyzing the attack, no exposure waiting for someone to write a remediation script, no costly re-imaging.
To learn more about how we close the gaps in endpoint protection, please see the following:
- Details about Security Configuration Management
- Details about Real-time Malware Detection and Remediation
See Solutions for the Government for more information about our NIST SCAP capabilities and other solutions for the government
